Distributed Denial of Service Attacks back again. Websites not actually down.

My understanding of a DDOS attack and why Your website is not actually down.

These attacks that are thrust upon us and which we find to be so frustrating are more or less a result of our own lack of proper or working security systems on our home computers.

There are hackers out there with nothing better to do than search the internet for home and other computers that are not well protected when they are online. Mostly these hackers access these vulnerable computers and upload a small program to the computer that allows them to take control of your unprotected computers.

At that point they are able to whatever they want on your computers. However it is most beneficial to the hackers to try and remain undetected so that they can use your computer more often to do what they want the computer to do. More often than not they use your computers as bots to be used in password attacks on websites and in Denial of Service DOS attacks on sites.

DOS attacks send contact requests to a website at high speed. This then prevents regular visitors breaking into the queue and hence your websites appear to be down to the genuine visitor.

Now imagine a hacker who has control of 90,000 computers. With a few strokes on a keyboard he is able to direct that group of computers to attack all sites on a server or a server farm (Data Center)

Recently authorities were able to arrest one such hacker/controller who was using a mobile control center. It took some time to locate the offender on that occasion. It wouldn’t surprise me that the current spate of DDOS attacks also has a mobile control center and may take some time time to be shut down.

It may difficult for some to conceive the way this is being done.

I would like to take this opportunity to point out that with this type of attack on your web servers or web sites is not restricted to your current hosting service. Servers everywhere are being attacked. Shifting your sites to a different server service is not going to provide you with a better service. There are so many DDOS attacks that Service providers everywhere are learning to cope when an attack hits their servers. You should remember that each new attack has a different signature and it takes some time for the server operator to work out how to redirect each DDOS hit to a safe location and at the same time allow normal traffic through to the requested sites.

I was on a server farm that decided not to inform users of the reason for site outages and moved my own accounts, to a more secure server away from a shared server environment where hackers could take over every account on a server once they managed to break poor security on someone’s site.

I now notice that people who once worked with servers in the IT industry, are starting their own server services. It would pay you to remember that these people have been away from the industry for some time. They have absolutely no experience that will help them cope in the instance of a DDOS on their server, by over 90,000 bots. Better the devil you know then the devil you don’t know.

I hope that this may help some of you. I myself use two hosting services MMT and my own Hosting Service.

Yes I am a hosting Reseller. I make a profit by selling Dedicated Servers and other hosting services, but the servers are managed by the Data Center providing the service and you will be in direct contact with that management as well as me. And I do care about and for my customers.

WP Sites Under Attack Across the Globe

Why is it necessary that I should be writing about this subject, “WP Sites Under Attack Across the Globe”? How many times are we told that it is a necessity to use a WP-Admin User name that is difficult for a hacker to guess and a password that is hard to crack. Here are a few user names that it is obvious are still being used extensively.

administrator
support
test
admin1
admin
user

How am I able to sit here an say that with certainty? I use a WordPress plugin, “Login Lockdown”. When an IP address makes a number of failed attempts to login to my WP site LL blocks that IP and sends me an email telling me the IP that has been blocked and the username that they were using to attempt to break into my admin. Now these people are attempting to gain access to websites on a very regular basis and are not going to continually attack those usernames unless they have some degree of success.

I believe that somewhere there is a list of something like 50,000 usernames that are commonly used. Word Press by default allows unlimited attempts to login to the admin area. This environment means that hackers can apply brute force attacks to crack usernames and passwords. Currently hackers are using up to 90,000 hacked home computers to facilitate these brute force attacks. This is possible because computer users are possibly ignorant of the risks involved in connecting to the Internet. Either these people are ignorant or they choose not to use security programs because of the cost or because they don’t take the time to learn about protecting themselves and others.

The worst part of the ignorance or penny pinching of these people is that they are letting hackers attack their friends and other people who are using the internet to the best of their ability to secure their computers. This seems to me to be another area exposing the breakdown of social etiquette in today’s world.

A lot of WP sites are installed using fantastico installer. This installs wp using admin as the username. A better installer to use is Softalicious. It allows you to put in a different username and a computer generated password that is difficult to crack using upper and lower case letters an a selection of other keyboard characters. I use the password generator to create a password that I use for the admin user name. Then I use it again to create the password. When you use admin The hackers are 50% of the way to cracking your WP installation.

Softalicious also allows you to change the prefix used in all WP database installations. Thus improving the security of your WP installation. Have your install send the details to your email account. This includes all your install variables. You can save this information in a text file that you can refer to later. There are secure options out there for storing username and passwords. I did try one of those a few years ago and managed to loose the username and password for it. <(:-)=

Remember you can do your bit to help make the internet a safer place to be for yourself and the rest of society.

11.75 bass released

The tale of a sixteen-year-old girl from Steubenville, Ohio and What is a Social Behavioral Norm?

By now I’m sure that almost everyone will be aware of the sub culture that caused a split in the Steubenville, Ohio community. I’m just wondering how much of this culture is an extension of the bullying culture that is festering world wide?

I walked into a classroom and found the boys had put a piece of leopard print with a hole cut in it on the blackboard with inappropriate suggestions chalked around it with the name of a girl. The boys in the class were heckling the girl and tormenting her.

I didn’t even know which girl in the class was being attacked in this way.
The girl may or may not have had sex with one of them or with someone else.
Now I figured that if she did not then this was no way for them to treat her. And if she did have sex with someone then that someone should be grateful to her and that this was in no way appropriate behavior.

I figured that if they were jealous that they had missed out they shouldn’t behave like this.
I went up to the black board and removed the “loin cloth” and started to wipe out the insults etc. I was immediately attacked from behind by the school prefect>”A supposed leader of the school”> “Someone to be looked up to in our society”

I defended myself as best I knew how not having been trained in any form of defense but I had learned a few things about balance and rage. I had learned to never stand still and take a beating from a bully. It ended when he made a charge at me and I used his weight etc against him and he went over a railing out into the school yard. At that point I was pulled away from the group of his supporters by a teacher.

I was taken to the principal’s office and declined to dob in anyone over the incident. I did however let it be known that my attacker deserved far more punishment than anything I might have done in defending my self.

The outcome was that an investigation took place. I was admonished for fighting.

The teacher who “rescued” me from the mob of supporters later told me that the prefect was way out of line and they looked at replacing him but his “popularity” and there being no alternative available meant they had had to leave him as head prefect.

So the system is in place to ensure that the bullying culture survives.

I wonder if they should have just removed him from the position and gone without a head prefect?

That was nearly 50 years ago. Nothing much has changed except that the culture seems to have become deeper and deeper entrenched.

Today the problems in society caused by bullying are many and a movement is afoot to try and break the cycle and acknowledge that bullying, is a major fault of society that, needs to be rectified. The movement is slowly gaining momentum in-spite of the fact that our politicians and a high percentage of our school teachers are out there only paying lip service to fixing the problem.

Ok so an underlying bullying culture is in part responsible for the attacks on the young girl in question, I have to ask if it is a “peer pressure”> read bullying culture leads these young girls into an unsafe environment, such as the football parties in this instance, or for that matter substitute any other sport culture you care to mention?

What else might be responsible for leading these ill-informed youth to believe that their behavior toward this young girl was acceptable as a normal part of life to them?

A lot of people seem to be passing the blame to parents for not bringing their kids up to know better. I wonder if this is in fact the reality of the situation? How can a parent who accept this behavior as a normal part of their lives be expected to teach their kids that what they do is actually wrong?

When do children become embroiled in the bullying culture? Would it be when they go to school and have to learn to become an integral part of Society and not just a part of a family group?
When should children be taught acceptable means of joining society? Before they go to school? By whom?

Back to the topic. Gender respect. When and how should men and women, boys and girls, be taught to respect themselves and each other? Should the Religious teach gender respect and what is or should be normal behavior in our Society? Religion does teach Social behavior but overlooks a lot that needs to be addressed.

Should Religion be taught in our schools. I believe no. Why? Because There are so many different religions out there all teaching different behavior norms. There are lots of people today who, when they find they want to behave differently to how their religion teaches that they should, simply move to a different religion that actually allows the behavior they want to adopt.

Is there a single religion that should be taught in our schools? Perhaps not. Surely a basis of religion is that there is one true God and that their religion is the one true religion.

Maybe then the time has come for our Religious and our Psychologists to come together and devise a standard curriculum that can be introduced into our schools that teaches what is acceptable normal Social Behavior? Such Social Behavior should be taught from the time children go to School and start to learn what is acceptable social behavior.

Any such course is bound to take time to develop and be fought over. I believe that a Social Behavior Course will have faults and omissions but with proper independent assessment should be able to be modified and corrected where it is found deficient or incorrect.

Perhaps a World Council could be formed to oversee the development of the Social Behavior course.

What’s this? A One World Council?

And there-in lies the complexity of overcoming a simple problem like bullying. Will it ever be stopped?